ANEURIN Bevan Health Board has been handed a costly slap on the wrist for breaching data protection laws.
The sheer size of the fine is in part aimed at ensuring that the board pays much closer attention to its data protection practices in the future.
And it has already made the commitment to do so.
But it should also send a message to all other health organisations to perhaps check that their own practices are up to scratch.
The health board is the first NHS body to be fined for breaching the Data Protection Act after it released sensitive information about a patient’s health to the wrong person.
The initial mistake was perhaps understandable, the result of human error.
But the investigation by the Information Commissioner’s Office, which followed the breach, highlighted poor practices across the organisation which perhaps meant such a breach was almost inevitable.
Staff had not been trained and there were inadequate checks in place to make sure the information they handled was always secure.
This was a serious breach and incredibly distressing for the patient involved.
We welcome the fact that the health board has already introduced changes and has made a firm commitment to the ICO that such a breach will not happen again.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here